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In re Application of: 
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Serial No.: 10/781,865 



Examiner: Muktesh G. Gupta 



Filed: February 20, 2004 



Confirmation No.: 5066 



For: Apparatus and Method for Performing Traffic Flow Template Packet Filtering 
According to Internet Protocol Versions In Mobile Communication System 



In response to the Final Office Action of June 16, 2008 and the Advisory Action mailed 
October , the Applicant submits the following arguments for consideration with the concurrently 
filed Pre- Appeal Brief Request For Review, 

Remarks/Arguments 

Claims 1, 7, 12-18, and 23-28 re rejected under 35 U.S.C. 103(a) as being 
unpatentable over U.S. Patent Publication No. 2003/0221016 to Jouppi et al. (hereinafter- 
Jouppi), as applied to claims above, and further in view of U.S. Patent No. 7,145,919 to 
Krishnarajah et al. (hereinafter- Krishnarajah). Applicant respectfully traverse the rejection. 

Claim 1 recites, inter alia, the combination of "extracting a first IP version address 
from a source second IP version address, wherein the second IP version address contains the 
first IP version address" and " generating TFT information using the first IP version address, 
wherein the TFT information contains an indication that the second IP version address 
contains the first IP version address " (hereinafter the Claimed Combination). As explained on 
pages 24-25 of the specification of the present application and discussed on pages 8-9 of 
Applicant's Amendment filed February 15, 2008, an exemplary embodiment of the claimed 
subject matter is designed to solve the computation load problem caused by the 128-bit 
computation conducted against IPv4-embedded IPv6 address during the packet filtering process. 
Conventionally, with respect to a source IP address in the form of an IPv4-embedded IPv6 
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address, when a TFT uses an IPv6 address as a filtering criterion against an incoming packet, 
128-bit computations are inevitable during the filtering process, and thus cause a significant load 
in terms of bit computation as compared with the IPv4 address expressed as only 32 bits. By 
using the scheme in accordance with the Claimed Combination, such a computation load 
problem is resolved. 

The scheme disclosed in Jouppi, which although is also related to IPv6 addresses as well 
as generating a TFT filter, is nonetheless designed to solve a problem entirely different from the 
computation-load problem that the Claimed Combination is designed to solve. Specifically, 
Jouppi's scheme is designed to overcome the prior art problem associated with the GGSN of a 
GPRS system being unable to effectively distinguish a legitimate packet directed to a mobile 
station from a malicious packet also directed to the same mobile station. In particular, in the 
prior art, a mobile station is assigned with an 128-bit IPv6 address, with the 64-bit prefix 
uniquely allocated to the mobile station and the remaining 64 bits being reserved for a suffix. 
The suffix, which comprises an interface identifier, however, is only optional for the mobile 
station as far as identifying the mobile station is concerned. Consequently, an attack may launch 
against the mobile station by exploiting the optional nature of the interface identifier in the form 
of inundating malicious packets directed to IPv6 addresses having configurations interpreted as 
directed to the mobile station, the configurations invariably being that the 64-bit prefix is the 64- 
bit prefix uniquely assigned to the mobile station and the 64-bit suffix is a suffix having a 
random interface identifier. Because the prior art only uses the 64-bit prefix of a destination IPv6 
address as the criterion to filter out packets not intended for the mobile station, the prior art 
cannot effectively filter out those malicious packets, which, as discussed above, have their 
respective destination IP addresses conforming to the above-described configurations. 

To solve this problem, Jouppi disclosed a scheme, in which an interface identifier is 
either first allocated to the mobile station (see paragraph [0006] of Jouppi), or first extracted 
from a source IPv6 address (see paragraph [0009] of Jouppi), and a TFT filter containing the 
interface identifier information, as opposed to a TFT filter containing the 64-bit prefix uniquely 
assigned to the mobile station, is then included among other active TFT filters, so as to 
distinguish legitimate packets directed to the mobile station from malicious packets also directed 
to the mobile station. Hence, Joigypi's scheme is irrelevant to the computation-load problem 
2 
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that the Claimed Combination is designed to solve. Accordingly, Jouppi does not disclose, 
teach, or suggest the Claimed Combination. More specifically, nowhere does Jouppi teach or 
suggest '^extracting a first IP version address fi-om a source second IP version address, wherein 
the second IP version address contains the first IP version address", as included in the Claimed 
Combination. Nor does Jouppi teach or suggest "generating TFT information ming the first IP 
version address, wherein the TFT information contains an indication that the second IP version 
address contains the first IP version address", as included in the Claimed Combination. As 
disclosed in the specification, this combination effectively causes the otherwise 128-bit 
computations (required by IPv6 addresses) being replaced by 32-bit computations (required by 
IPv6 addresses) and thus achieves the objective of drastically reducing the load of computation 
involving the particular type of IP address being of second IP version and containing an 
address of first IP version. 

Turning to the Advisory Action, in the advisory action, the Examiner provides a detailed 
recount as to how the Jouppi's scheme works relevant to an IPv6 address and establishing a TFT 
filter containing the interface identifier allocated to the mobile station. It appears that, after the 
detailed recounting is completed, the Examiner concludes that, in verbatim, "Examiner 
understanding of filtering and extracting is to be same as the functional objective is achieved 
by both in identifying parameters for IPv6 addresses of packets as an end result" Quite 
frankly. Applicant does not quite understand the Examiner's stated conclusion. However, if 
the Examiner concludes that the functional objective of Jouppi's scheme is the same as the 
functional objective of the Claimed Combination, Applicant respectfully disagrees. As clearly 
indicated above, Jouppi's scheme is designed to distinguish legitimate packets from 
malicious packets (or in Jouppi's own words, "to guide mapping of data flows from a first 
subsystem to the terminal of a second system", see paragraph [0006] of Jouppi), without 
regard the particular type of IP address being of second IP version and containing an address 
of first IP version. Hence, Jouppi is irrelevant to the objective of achieving a significant 
reduction in computation load, particularly bit-computation load, specifically involving the 
particular type of IP address being of second IP version and containing an address of first IP 
version. Thus, the Examiner's assertion that the two respective fiinctional objectives are the 
same is clearly erroneous, and is not anywhere supported by the disclosure of Jouppi. 
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On the other hand, if the Examiner proclaims that the filtering and the extracting 
involved in both schemes (scheme of Jouppi and scheme of the claimed subject matter), without 
regard to what is getting extracted and what is contained in the filter, are the same, Applicant 
respectfully submits that such a proclamation, even being true, is inconsequential to the 
patentability of claim I, since the proclamation has little relevance to the Claimed Combination. 
To be more specific, the Claimed Combination does not claim how an general scheme of 
extracting certain information from an IP address should be conducted, or how a general 
procedure of filtering certain packets using a TFT filter should be accomplished. Nor does the 
Claimed Combination just call for extracting any kind of information without regard to what that 
extracted information is and generating a TFT filter contains that extracted information. To the 
contrary, the Claimed Combination claims specific requirements as to what is getting extracted 
from an IP address AND what is then contained in the TFT filter, a combination of which that 
Applicant believes renders the Claimed Combination patentable over the prior art. Hence, 
because the Examiner's proclamation contains none of those specific requirements, much less 
the combination of those specific requirements, the Examiner's proclamation, even being true, is 
nonetheless inconsequential in contending that the Claimed Combination is non-patentable. 

Further, in the Advisory Action, the Examiner provides a detailed recount with respect to 
the scheme disclosed in Krishnarajah. However, among all the discussions and recountings 
concerning Krishnarajah that the Examiner made in the Advisory Action, what is notably 
missing is any attempt made by the Examiner to articulate how Krishnarajah may 
possibly cure the deficiencies of Jouppi, or bridge the gaps between Jouppi and the 
Claimed Combination. This appears to be the biggest problem of the Examiner's arguments 
made in the Advisory Action, since by this deficiency alone, the Examiner should be regarded as 
failing to discharge his statutory burden of establishing a prima facie case of obviousness. 

On the other hand, the Examiner's detailed recount of Krishnarajah does not appear to 
depart from what Applicant had already discussed and concluded on pages 6-7 of Applicant's 
Response mailed September 1 1, 2008 concerning Krishnarajah as relevant to IPv6 and IPv4. 
Specifically, Krishnarajah cannot possibly cure the deficiencies of Jouppi, or bridge the gaps 
between Jouppi and the Claimed Combination, since when it comes to IPv4 and IPv6, 
Krishnarajah merely teaches a certain scheme (related to treating subflows) that is applied to an 
4 
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IPv6 address but may also be applied to an IPv4 address albeit with a few minor adjustments. 
See pages 6-7 of Applicant's September 1 1, 2008 Response for more details. This teaching of 
Krishnarajah (as related to IPv6 and IPv4) cannot expect to be logically combined with Jouppi's 
teaching (concerning extracting an interface identifier from an IPv6 and forming a TFT filter 
containing the interface identifier so as to distinguish legitimate packets from malicious packets) 
in any kind of way that will arrive at the Claimed Combination, since this teaching of 
Krishnarajah has no relevance to any of the steps included in the Claimed Combination, and thus 
cannot possibly cure the deficiencies of Jouppi, or bridge the gaps between Jouppi and 
Krishnarajah. 

Accordingly, because Jouppi and Krishnarajah, taken either singly or in combination, 
do not disclose, teach, or suggest the Claimed Combination, claim 1 should be allowable over 
Jouppi and Krishnarajah. The remaining pending claims should be also allowable over Jouppi 
and Krishnarajah either by virtue of containing subject matter akin to the Claimed 
Combination as independent claims or by virtue of their dependency from allowable 
independent claims as dependent claims. Accordingly, the rejection of the pending claims 
should therefore be withdrawn. 



In view of the above, it is believed that there are at least one or more errors or 
omissions in the Examiner's rejections. 



Conclusion 



Respectfully submitted. 




Jundong Ma (Reg. No, 61789) 
Tel: (202) 659-9076 



Dated: October 16, 2008 
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